Let’s Encrypt is just as secure as paid certs. They’re held to the same security standard.
Let’s Encrypt is just as secure as paid certs. They’re held to the same security standard.
Truly a Taco Bell-level take.
Ceph is a huge amount of overhead, both engineering and compute resources, for this usecase.
Sometimes I think this community should be called homelab instead of selfhosted based on the kinds of questions
What’s the cost and impact of downtime for you? If you’re doing this for personal use it’s probably minimal for both so doesn’t really matter. If you want to try the new thing and you’re not afraid of the time investment or potential downtime then go for it
It’s been a long time since I took it but these are two I recall being helpful. There is a ton of material out there on this cert. I think I recall the official book being helpful too.
https://www.professormesser.com/network-plus/n10-008/n10-008-video/n10-008-training-course/
https://youtu.be/_QBY29dmr-M?si=hmUo22xwjU6oa7Aj
Part 1 and part 5 look most applicable to you. You’re unlikely to ever need or want to mess with dynamic routing unless you’re doing networking for very large networks for example.
What you’re looking for is a backup. RAID is not a backup, as another poster said it’s a tool for enduring high availability, and possibly higher throughput.
Buy a second pi and put it in another location in your house or even better at friends house then configure regular backups of your important data to it. There are also cloud services for doing backups which are great because having a location to do off-site backups to can be really hard to get as an individual.
A lot of this is being complicated for you by not understanding networking fundamentals. I’d suggest looking into a Network+ certification which will cover all of these basics like DNS. You don’t have to actually get the cert, just going through the motions on learning the material should help a lot.
You seem to be close on grokking the whole picture and just need some of the basics that are hard to pick up from just doing things at home. A lot of work has been done to try abstract that away from consumers in order to make things easier which is making it harder for you.
Fair enough. Personally I’d start with their documentation then: https://docs.openstack.org/install-guide/
For OS it looks like they support RHEL/CentOS, Ubuntu, Debian, and SUSE so I’d stick with one of those.
Openstack is like self-hosting your own cloud provider. My 2 cents is that it’s probably way overkill for personal use. You’d probably be interested in it if you had a lot of physical servers you wanted to present as a single pooled resource for utilization.
How does one install it?
From what I heard from a former coworker - with great difficulty.
What is the difference between a hypervisor/openstack/a container service (podman,docker)?
A hypervisor runs virtual machines. A container service runs containers which are like virtual machines that share the host’s kernel (more to it than that but that’s the simplest explanation). Openstack is a large ecosystem of pieces of software that runs the aforementioned components and coordinates it between a horizontally scaling number of physical servers. Here’s a chart showing all the potential components: https://upload.wikimedia.org/wikipedia/commons/a/a5/Openstack-map-v20221001.jpg
If you’re asking what the difference between a container service and a hypervisor are then I’d really recommend against pursuing this until you get more experience.
How is this different from Fail2Ban?
Heartbleed was a thing that happened.
A lot of ISPs and hosting providers block outbound email by default.
You’re making it that much easier for someone to brute force logging in or to exploit a known vulnerability. If you have a separate root password (which you should) an attacker needs to get through two passwords to do anything privileged.
This has been considered an accepted best practice for 20+ years and there’s little reason not to do it anyways. You shouldn’t be running things as root directly regardless.
One. Use a switch for networking.
You can only do 100M runs max anyways, just replace the whole thing? 100M of CAT6 is pretty cheap if you already have a box for it.
Or is this an academic question?
10mb is pretty much nothing. May as well just use Fail2Ban.
FWIW that’s illegal and is considered hacking in the US and can result in jail time. You should only do this on equipment you own. Not saying you did anything particularly nefarious or that the chance of getting caught is high but just FYI.
+1 hosting email sucks.